CVE-2015-3223
MEDIUM5.3EPSS 20.3%samba - security update
發布日:2015/12/29修改日:2026/4/28
描述
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.
受影響套件(3)
- Debian/ldbfrom 0, < 2:1.1.24-1
- Debian/sambafrom 0, < 2:4.1.22+dfsg-1
- Debian/sambafrom 0, < 2:3.6.6-6+deb7u6
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |